<?

class User
{
	var $db = null;
	var $userid = -1;
	var $loggedin = false;

function User($db)
{
	$this->db = $db;
}

function addUser($userName, $password, $email)
{	
	$passwordHash = sha1($password);
	
	$query = "INSERT INTO crimemap_users VALUES ('', '$userName','$passwordHash', '$email')";
	$this->db->execute($query);

	$result=$this->db->getResults();
	
	echo "Successfully created user $userName";

}

function showUsers()
{

	$this->db->execute("SELECT * FROM crimemap_users");
	$result = $this->db->getResults();
	$num = $this->db->getNumRows();

	echo "<b><center>Database Output</center></b><br><br>";

	$i=0;
	while ($i < $num) {

		$username=mysql_result($result,$i,"username");
		$password=mysql_result($result,$i,"password");
	

		echo "<b>$username</b><br>";

		$i++;
	}
}


function &login($username, $password)
{
	$hash = sha1($password);
	$this->db->execute("SELECT userid FROM crimemap_users WHERE username like '$username' and password like '$hash'");
	if($this->db->getNumRows() > 0)
	{
		$result = $this->db->getResults();
		$userid = mysql_result($result, 0, "userid");
		
		$this->loggedin = true;
		$this->userid = $userid;

		return 0;
	}
	else
	{
		$this->loggedin = false;
		$this->userid = -1;

		return 1; 
	}

}

function &getUserID()
{
	return $this->userid;
}
	
} //class User


?>
